Integer::StringToInteger is accepting invalid(?) input

14 views
Skip to first unread message

Tim Offermann

unread,
Jun 6, 2021, 3:38:29 PM6/6/21
to Crypto++ Users

Hi

I was wondering if the current behavior of StringToInteger is perhaps a little bit too "friendly" - honestly I would have expected some exceptions on (IMHO) invalid input:

Dec from '011b' : 3.
Dec from '012b' : 1. ! 

Oct from '04711o' : 4711o
Oct from '04811o' : 411o !

Hex from '08Ah' : 8ah
Hex from '08A.' : 8h !
Hex from '08A'  : 8h !!!

This is my code:

#include "integer.h"
#include <iostream>

int main(int argc, char *argv[])
{

    std::cout << "Dec from '011b' : " << std::dec << CryptoPP::Integer("011b") << std::endl;

    std::cout << "Dec from '012b' : " << std::dec << CryptoPP::Integer("012b") << " !" << std::endl;

    std::cout << "\n";

    std::cout << "Oct from '04711o' : " << std::oct << CryptoPP::Integer("04711o") << std::endl;

    std::cout << "Oct from '04811o' : " << std::oct << CryptoPP::Integer("04811o") << " !" << std::endl;

    std::cout << "\n";

    std::cout << "Hex from '08Ah' : " << std::hex << CryptoPP::Integer("08Ah") << std::endl;

    std::cout << "Hex from '08A.' : " << std::hex << CryptoPP::Integer("08A.") << " !" << std::endl;

    std::cout << "Hex from '08A'  : " << std::hex << CryptoPP::Integer("08A") << " !!!" << std::endl;

    return 0;
}

It might be that the intention behind this originally was to accept additional characters like ":" or "-" in between for better readability (e.g. "31-65-30-63h" as  "31653063h"). Out of my personal experience in the last days I would propose to limit this openess a little bit. Especially not allowing characters which are valid digits in one of the available notations might help prevent some (difficult to spot) usage error.

With best regards,
Tim Offermann

Reply all
Reply to author
Forward
0 new messages